lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHkjRp=UsiSYGU4uLZKvh78uj1qC+FhppF4ScEO4frooXbOSeg@mail.gmail.com> Date: Tue, 13 Aug 2019 09:55:51 +0530 From: Devendra Solanki <devendra0x0@...il.com> To: bugtraq@...urityfocus.com Subject: Dlink-CVE-2019-13101 A remote vulnerability was discovered on D-Link DIR-600M Wireless N 150 Home Router in multiple respective firmware versions. The vulnerability provides unauthenticated remote access to the router's WAN configuration page i.e. "wan.htm", which leads to disclosure of sensitive user information including but not limited to PPPoE, DNS configuration etc, also allowing to change the configuration settings as well. A metasploit script exploits the same vulnerability: https://github.com/d0x0/D-Link-DIR-600M/blob/master/dlink-cve-2019-13101.rb A Nmap nse script to exploit the vulnerability : https://github.com/d0x0/D-Link-DIR-600M/blob/master/dlink-cve-2019-13101.nse Regards: Devendra Singh Solanki https://twitter.com/_d0x0_ https://github.com/d0x0
Powered by blists - more mailing lists